In case folks did not see the announcement, we will be reviving the group this week! Robert Yee of Cisco will be discussing Fabric based networking at Cisco's office. Doors open at 6:30, talk starts at 7:00. We have both live attendance options as well as WebEx options. Please register at this link: http://lanetworks.wpengine.com/sccug-october-meeting/ Thanks, Jason Bomar

Jason Bomar with LA Networks Presents
IOS - All the Small Things

Thursday, February 13, 2014, 7pm - 8:30pm (Doors open at 6:30pm)
For more information, please visit www.sccug.org

Agenda
Dinner & Networking: 6:30pm - 7:00pm
Presentation: 7:00pm - 8:30pm

Location
Ascolta Training Company
Wells Fargo Building
535 N. Brand Blvd. Suite 510
Glendale, CA 91203

Parking
Free parking is available after 6pm on the rooftop or first floor of the parking structure behind the Wells Fargo Building. Entrance is on Doran off of N. Brand Blvd.

Speakers: Jason Bomar is a network engineer and partner for LA Networks, a Southern California based Consulting Services firm. He has been involved with Cisco networking for nearly 20 years, been affiliated with Cisco User Groups for 14 years and has had his CCIE in Routing/Switching for over 11 years. He focuses primarily on Data Center Infrastructure, routing and switching (design, deployment and operations).

Topic Agenda
IOS - All the Small Things: We will talk about little things that can add up to making big differences in your network. Items like loopback interfaces, routing protocol best practices, redundancy best practices, ACLs and so forth. Please join us for an evening of discussion and please bring some of YOUR best tips, tricks and traps that you can share with the group if you have any!

Contact: Karla Rivera
Email: karla.rivera@ascolta.com
Phone: 949.435.3975

Folks, sorry for the late notice, but we DO have a SCCUG meeting this month. I will be presenting a Network Design Clinic. You can RSVP here (if you plan to attend PLEASE RSVP so that they can plan the space accordingly): http://www.sccug.org/

Summary of Presentation: We will cover the fundamentals of network design, focusing on routing/switching/operations/management/IP addressing, etc. We will have a few slides to go over some best practices and initiate some discussion amongst the group, but the best results will be achieved if you bring your OWN network design challenges and questions to the session.

Thanks, Jason Bomar CCIE #9316

I am really sorry to not have replied sooner - I guess I am used to the old Yahoo group where it emailed us when there was a question like this. You have probably already found the answer, but the way I would do this is with Policy Based Routing or PBR.

Effectively you will use an access-list to define your interesting traffic, then you will use a route-map to match that ACL and set the next hop out of the appropriate interface. Finally you will apply this route-map to the interface that the traffic from the server will enter on, so you can source-base route it out the appropriate interface.

Of course we are just barely scratching the surface with PBR! It can be used to route based on lots of different criteria, and it can do a lot more than just routing the traffic out of a specific interface. You can also integrate it with complementary technology such as IP SLA and so forth.

Here are a few links for additional information:
https://supportforums.cisco.com/docs/DOC-1634
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SY/configuration/guide/policy_based_routing_pbr.html

Hope this helps, Jason Bomar, CCIE #9316
... View more
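The three steps in the reply above (ACL, route-map, interface policy), with the IP SLA tie-in it mentions, as an added IOS configuration sketch that is not part of the original post. The server address, next hop, interface, and the names PBR-SERVER and PBR-SERVER-OUT are constructed assumptions using documentation address ranges.

```cisco
! Added example, not from the original post. All addresses and names
! are constructed placeholders (RFC 5737 documentation ranges).

! 1. Define the interesting traffic: only this one server as source.
!    Keep the match narrow so the policy cannot redirect other hosts.
ip access-list extended PBR-SERVER
 permit ip host 192.0.2.10 any

! Optional IP SLA probe so the policy is only used while the chosen
! next hop actually answers.
ip sla 10
 icmp-echo 198.51.100.1
 frequency 10
ip sla schedule 10 life forever start-time now
track 10 ip sla 10 reachability

! 2. Route-map: match the ACL and set the next hop.
!    verify-availability falls back to the normal routing table
!    when track 10 goes down, instead of black-holing the traffic.
route-map PBR-SERVER-OUT permit 10
 match ip address PBR-SERVER
 set ip next-hop verify-availability 198.51.100.1 10 track 10

! 3. Apply the policy on the interface where the server's traffic
!    ENTERS the router (PBR is evaluated on ingress).
interface GigabitEthernet0/1
 description Server-facing segment (assumed)
 ip policy route-map PBR-SERVER-OUT
```

Packets that do not match the ACL are forwarded by the normal routing table. `show route-map PBR-SERVER-OUT` shows match counters and `show ip policy` confirms which interface carries the policy.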

In July I will be presenting on Midsize Data Center Design, here is the info...

Thursday, July 11, 2013 from 7:00 PM to 8:30 PM (PDT)
Ascolta Training Company - Wells Fargo Building
535 N. Brand Blvd. Suite 510
Glendale, CA 91203

Topic: Midsize DC Design

Synopsis: We have covered a number of deep dive data center technologies in the recent sessions. This session will strive to tie these technologies together for the midsize DC. We will give an overview of technologies like VPC, Fabric Path, ISSU, FEX etc, and we will tie it back to designing for growth and scalability. This will be an interactive session – so please look at YOUR DC and come with questions specific to YOUR environment so you can take away some real world advice!

PLEASE RSVP if you plan to attend: http://www.eventbrite.com/event/7259634763/?ref=enivtefor001&invite=MzgwNTE4OS9qYm9tYXJAbGEtbmV0d29ya3MuY29tLzA%3D&utm_source=eb_email&utm_medium=email&utm_campaign=inviteformalv2&utm_term=attend&ref=enivtefor001

Just so I understand, because this differs from the document I linked a fair amount ... the ASA (Concentrator) should AAA Auth to the CAM (which will pass it through to the ACS 3.3 as IETF) and should AAA Account to the CAS (which will pass it through to the ACS as IETF which will use it to SSO to the network) ... is that right? So the ASA does not require to point to the ACS directly?

Hello - I have been working on a lab set up that I would like to be able to show to potential customers for NAC Appliance (or CCA). I had no problems when using NAC in L3 OOB as might be deployed in a routed LAN type of setting, but I am having a horrible time getting it to work L3-IB with VPN/SSO even though I am trying my best to go by the documentation: http://www.cisco.com/en/US/products/ps6128/products_configuration_example09186a008074d641.shtml

I find a few very confusing things about this document, and am suspecting that is where my trouble lies:

1) There is no mention of the RADIUS set up on this document other than to say "set it up". So I am wondering...
   a) What version of ACS do I need? (3.3 currently).
   b) Which RADIUS Service (IOS? IETF?)
   c) What is the IP of the RADIUS server in that document? I see two addresses: 172.18.124.101 and 172.18.85.181.

To make matters worse, there are discrepancies in the config of the ASA in that document which conflict with the screen shots. Any help anyone can provide would be great.

Thanks, Jason Bomar, CCIE #9316

I am rather new to these forums - but I think that an important factor is what YOU can support. It sounds like your network is not too large (under 100 sites) so I think processor power should not be an issue on your routers should you choose OSPF. If you pick OSPF, you need to be aware of its hierarchical requirements - Area 0 needs to be planned for tomorrow, not just today. In smaller networks, EIGRP is quite fine ... heck, I personally think in larger networks it is fine as well - but you need to plan it then as much as you do for OSPF. Unless you have a high number of networks and network changes at each site, 256K should be fine for either protocol ... with EIGRP you have the option of restricting how much BW on the link it can take up for routing updates, but you may not need it and I would not tweak such a parameter unless I felt I had to. Each will send small updates once they are up and stable, each will support stub areas, each will support summarization. I am not sure if this helps or not, but ultimately the choice in my mind lies on what you can support in large part. Thanks, Jason